package com.hua.api.core.framework.config.scurity;

import com.hua.api.core.framework.annotation.AnonymousAccess;
import com.hua.api.core.framework.annotation.TokenCheck;
import com.hua.api.core.framework.util.exception.ApiError;
import com.hua.api.core.util.StringUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

@SuppressWarnings("all")
@Slf4j
public class LoginInterceptors implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        log.info("uri={}",request.getRequestURI());
        if (!(handler instanceof HandlerMethod)) {
           return true;
        }
        if(request.getRequestURI().equals("/error")){
           return true;
        }
        // AnonymousAccess 注解直接通过
        AnonymousAccess access = ((HandlerMethod)handler).getMethodAnnotation(AnonymousAccess.class);
        if(null!=access){
           return true;
        }
        TokenCheck tokenCheck = ((HandlerMethod) handler).getMethodAnnotation(TokenCheck.class);
        String userAgent = request.getHeader(TokenHelper.Hua_User_Agent);
        String nonce = request.getHeader(TokenHelper.Hua_Nonce);
        String appKey = request.getHeader(TokenHelper.Hua_Appkey);
        String timestamp = request.getHeader(TokenHelper.Hua_Timestame);
        String signature = request.getHeader(TokenHelper.Hua_Signature);
        if(StringUtil.isEmptys(userAgent,nonce,appKey,timestamp,signature)){
            throw ApiError.Type.TOKEN_ERROR.toException("缺少必要参数！");
        }

        Map<String,String> params = new HashMap<>();
        params.put(TokenHelper.Hua_User_Agent,userAgent);
        params.put(TokenHelper.Hua_Nonce,nonce);
        params.put(TokenHelper.Hua_Appkey,appKey);
        params.put(TokenHelper.Hua_Timestame,timestamp);
        if(tokenCheck!=null && !StringUtil.equals(tokenCheck.userAgent(),userAgent)){
            // System.out.println(tokenCheck.userAgent()+"=================tokenCheck.userAgent()---"+userAgent);
            throw ApiError.Type.TOKEN_ERROR.toException("userAgent参数异常！");
        }
        // 签名验证
        String signStr = SignUtil.sign(params,appKey);
       // log.info("signStr==={}",signStr);
       // log.info("signature==={}",signature);
        if(!StringUtil.equals(signature,signStr)){
            throw ApiError.Type.TOKEN_ERROR.toException("数据签名验证失败！");
        }


        String token = request.getHeader(TokenHelper.X_WMALL_Authorization);
//        if(!StringUtil.isEmpty(token)){
//            log.info("uri={},token={}",request.getRequestURI(),token);
//        }
        if(null != token){
            TokenHelper.checkToken(token,tokenCheck);
        }else {
            throw ApiError.Type.TOKEN_ERROR.toException();
        }
        return true;

    }
}
